package com.easyskool.filter;

import java.io.IOException;
import java.util.List;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import com.easyskool.constants.CommonConstants;
import com.easyskool.services.core.UserAuthenticationService;
import com.easyskool.utilfunction.NullObjects;

@SuppressWarnings("unchecked")
public class LoginFilter implements Filter {

	public void init(FilterConfig config) throws ServletException {
		// If you have any <init-param> in web.xml, then you could get them
		// here by config.getInitParameter("name") and assign it as field.
	}

	@Override
	public void doFilter(ServletRequest req, ServletResponse res,
			FilterChain chain) throws IOException, ServletException {
		HttpServletRequest request = (HttpServletRequest) req;
		HttpServletResponse response = (HttpServletResponse) res;
		HttpSession session = request.getSession(true);
		String path = ((HttpServletRequest) request).getRequestURI();

		response.setHeader("Cache-Control",
				"no-cache, no-store, must-revalidate"); // HTTP 1.1.
		response.setHeader("Pragma", "no-cache"); // HTTP 1.0.
		response.setDateHeader("Expires", 0); // Proxies.
		System.out.println("path LoginFilter : " + path);
		String  user=(String)session.getAttribute(CommonConstants.USERNAME);
		String  role=(String)session.getAttribute(CommonConstants.ROLE);
		System.out.println("User: "+user+" ROLE: "+role);
		if(user==null)
		{	
			session.setAttribute(CommonConstants.AUTH_FAIL, "fail");
			response.sendRedirect("/easyskool/Login/login.jsp");
		}
		else
		{
			System.out.println("Since the user is present, Determinig which path to follow");
			if(validateAccess (session,request))
			chain.doFilter(req, res);
			else
				response.sendRedirect("/easyskool/Login/login.jsp");	
		}
		
		
	}

	private boolean validateAccess( HttpSession session,
			HttpServletRequest request) {
		boolean isAuthorized = false;
		String  roles = (String) session.getAttribute("role");
		if (NullObjects.isNull(roles)) {
			return isAuthorized;
		}
		String path = ((HttpServletRequest) request).getRequestURI();
		System.out.println("path ############ : " + path);

		System.out.println("roles #######################: " + roles);
		String[] roleArray=roles.split(",");
		String role="";
		for(int i=0;i<roleArray.length;i++)
		{	String roleloop=roleArray[i];
			if (path.contains(roleloop)) {
				{isAuthorized = true;
				break;
				}
			} else {
				isAuthorized = false;
			}
		}
		return isAuthorized;
	}

	@Override
	public void destroy() {
		// If you have assigned any expensive resources as field of
		// this Filter class, then you could clean/close them here.
	}

}
